2 matches found
NETGEAR GS110TPV3未认证命令注入漏洞(CVE-2021-33514)
Summary: Affected Model: NETGEAR GS110TPV3 Smart Managed Pro Switch Firmware Version: V7.0.5.2 from 2021-01-11 NETGEAR GS110TPV3 Smart Managed Pro Switch is vulnerable to a pre-auth shell injection due to incorrect input handling in setup.cgi query parameters. This allows an attacker in the same...
Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy
Google’s Project Zero bug-hunting team is making a big change to its vulnerability disclosure policies. Full details on any vulnerability will be made public 90 days after discovery, regardless of when the bug is fixed. That means that whether it’s patched on Day 20 or Day 120, bug details will g...